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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above Is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply Is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even If timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 J04(b). 

Status 

1)H Responsive to communication(s) filed on 12 August 2005 . 
2a)l3 This action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) 13 Claim(s) 1,4-11.14-23 and 26-32 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) 13 Claim(s) 1,4-11,14-23 and 26-32 is/are rejected. 
?)□ Claim(s) is/are objected to, 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) H The drawing(s) filed on 28 August 2000 is/are: a)[J accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing{s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or fonm PTO-1 52. 

Priority under 35 U.S.C. § 119 

12) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Response to Amendment 

1. Applicant's amendment filed 12 August 2005 amends claims 1, 4, 5, 10, 1 1, 14, 15, 20- 
23 and cancels claims 2, 12, and 24. Applicant's amendment has been fully considered and is 
entered. 

Response to Arguments 

2. Applicant's arguments filed 12 August 2005 have been fully considered but they are not 
persuasive. Applicant's argument that Geiger does not disclose authenticating the control point 
between the token and the token issuer is not persuasive because Geiger discloses that the 
merchant server is authenticated between the client wireless device and the validation server 
(Col. 13, lines 13-17). The merchant server/web server meets the hmitation of the control point. 
The client wireless device meets the limitation of the token. The validation server, which is also 
the certificate authority (Figure 4 & Col. 12, Hnes 19-21), creates public key certificates and 
license certificates for cUent wireless devices at the time of manufacturing (Col. 3, lines 9-17). 
Therefore, the validation server/certificate authority meets the hmitation of the token issuer 
because it is part of the manufacturer. Applicant's assertion that the repair shop of Geiger (Col. 
7, lines 4-5) was intended to be the token issuer is incorrect because the previous Office Action 
cites the above section of Geiger to disclose that these client wireless devices are in fact issued. 
A person of ordinary skill in the art would recognize that these client wireless devices, when 
issued, are issued by a manufacturer through a service provider (i.e. Cingular, Verizon, etc.). 

3. Applicant's assertion that the certificate authority of Geiger was intended to read on 
appHcants control point is not persuasive because the previous Office Action never made this 
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correlation. As mentioned above, the merchant server/web server meets the limitation of the 
control point. The client wireless device transmits user informaiton to the web server to process 
the transaction (Col. 3, lines 33-38), which meets the limitation of the control point authorizing 
said action based on informaiton provided by said token. 

4. Applicant's argument that Geiger does not disclose the limitations of claim 9 is not 
persuasive because in addition to the previously mentioned subject matter of Geiger, the 
merchant server contains a certificate which identifies whether it has been authorized by the 
certificate authority, and the client wireless devices receives this certificate from the merchant 
server (Col 13, lines 27-65). 

5. Applicant's argument that Geiger does not disclose information being obtained by a 
token is not persuasive because a digital certificate is delivered from the attribute 
authority/merchant server/web server to the wireless device, the attribute authority is verified to 
the wireless client device using the digital certificate (Abstract). 

6. Applicant's argument that the limitations of claim 21 are not meet be Geiger is not 
persuasive because Geiger discloses that the wireless network certificate system has an operator 
(Col. 1, lines 34-45), which meets the limitation of an control point operator approving said 
control point. The authority server maintains a database that stores certificate and license 
information along with user information (Col. 8, lines 28-45), which meets the Umitation of 
storing data about said control point in a database, and said authenticating of the control point 
comprises comparing said data with said information from said token, storing data about said 
token in the database, authenticating comprises comparing said data and said information from 
said token. 
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7. Applicant's argument that Geiger does not disclose the hmitations of claim 3 1 is not 
persuasive because Geiger discloses that the client device contains a SIM card that contains user 
and device information (Col. 11, line 64 - Col. 12, line 8), which meets the Umitation of a card 
that connects with said communication portion, said card containing information regarding one 
of said device and said user. 

8. Applicant's argument that Geiger does not disclose the Hmitations of 8, 18, 28, is not 
persuasive because Geiger discloses that the action is user access of software, service or other 
content item (Abstract), which meets the Umitation of action comprising access control. 

9. Applicant's argument that current amendments to claim 22 have rendered the claim 
definite is not persuasive because claim 22 recites "said authentication" which renders the claim 
vague and indefinite because claim 20, from which claim 22 depends, has two authentications: 
Authentication of an action, and authentication of a control point. Similarly to claim 19, claim 22 
needs to specify to which authentication is being referred. 

Claim Rejections - 35 USC § 112 

10. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

1 1 . Claim 22 is rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

12. Claim 22 recites the limitation "said authenticating" which renders the claim vague and 
indefinite because it is unclear whether the claim is referring to the authentication of the control 
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point or the token. For the purposes of examination the claim will be treated as the authentication 
of the token. 

Claim Rejections - 35 USC § 102 

13. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

14. Claims 1, 4-1 1, 14-23, 26-32 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Geiger, U.S. Patent No. 6,463,534. Referring to claims 1, 6, 9, Geiger discloses a secure wireless 
electronic commerce system wherein a certificate authority is accessible by a mobile wireless 
client device (Abstract, Fig. 1), which meets the hmitation of a token being a mobile wireless 
communication device. A digital certificate is delivered from the attribute authority to the 
wireless device, the attribute authority is verified to the wireless client device using the digital 
certificate (Abstract), which meets the limitation of using the token to authenticate said control 
point to perform the action, notifying said user whether said control point has authorization for 
said action. To perform the transaction the wireless device transmits a certificate to the attribute 
authority that verifies the device (Col. 18, lines 62-68), which meets the limitation of using the 
token to authenticate the user to the control point to perform the action using the control point, 
control point authorizing said action based on information provided by said token. Geiger 
discloses that mobile wireless communication devices are issued to the users (Col. 7, lines 4-5), 
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which meets the limitation of a token issuer issuing said token to said user, and wherein said 
authenticating the control point occurs on-line between said token and said token issuer. 

Referring to claims 4, 5, Geiger discloses that the mobile wireless communication device 
communicates with the issuer via a wireless communication path (Col. 10, line 38 - Col. 11, line 
10), which meets the limitation of mobile communication device communicates with said token 
issuer using a wireless communication path. 

Referring to claim 7, Geiger discloses that the transactions are electronic commerce 
transactions (Col. 1, lines 6-11), which meets the limitation of a financial transaction. 

Referring to claim 8, Geiger discloses that the action is user access of software, service or 
other content item (Abstract), which meets the limitation of action comprising access control. 

Referring to claims 10, 11, 16, 19, 20, a digital certificate is delivered from the attribute 
authority to the wireless device, the attribute authority is verified to the wireless client device 
using the digital certificate (Abstract), which meets the limitation of the token obtaining 
information regarding said control point, the token authenticating said control point based on 
said information, information is obtained by presenting a token which performs authentication of 
said control point, notifying a user whether said control point has authorization for said action. 
To perform the transaction the wireless device transmits a certificate to the attribute authority 
that verifies the device (Col. 18, lines 62-68), which meets the limitation of using the token to 
authenticate the user to the control point to perform the action using the control point, control 
point authorizing an action based on information provided by said token. The user device is a 
mobile wireless client device (Abstract, Fig. 1), which meets the limitation of the token is a 
mobile communication device. Geiger discloses that mobile wireless communication devices are 
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issued to the users (Col. 7, lines 4-5), which meets the limitation of a token issuer issuing said 
token to said user, and wherein said authenticating the control point occurs on-line between said 
token and said token issuer. 

Referring to claims 14, 15, Geiger discloses that the mobile wireless communication 
device communicates with the issuer via a wireless communication path (Col. 10, line 38 - Col. 
1 1, line 10), which meets the limitation of mobile communication device communicates with 
said token issuer using a wireless communication path. 

Referring to claim 17, Geiger discloses that the transactions are electronic commerce 
transactions (Col 1, lines 6-11), which meets the Umitation of a financial transaction. 

Referring to claim 18, Geiger discloses that the action is user access of software, service 
or other content item (Abstract), which meets the hmitation of action comprising access control. 

Referring to claims 21, 22, Geiger discloses that the wireless network certificate system 
has an operator (Col. 1, lines 34-45), which meets the limitation of an control point operator 
approving said control point. The authority server maintains a database that stores certificate and 
license information along with user information (Col. 8, hnes 28-45), which meets the limitation 
of storing data about said control point in a database, and said authenticating of the control point 
comprises comparing said data with said information from said token, storing data about said 
token in the database, authenticating comprises comparing said data and said information from 
said token. 

Referring to claims 23, 29, 30, 32, a digital certificate is delivered from the attribute 
authority to the wireless device, the attribute authority is verified to the wireless client device 
using the digital certificate (Abstract), which meets the limitation of a wireless communication 
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portion that obtains information regarding said control point and communicates wirelessly with 
an external entity to authenticate said control point based on said information, notifying said user 
whether said control point has authorization for said action. To perform the transaction the 
wireless device transmits a certificate to the attribute authority that verifies the device (Col. 18, 
lines 62-68), which meets the limitation of authenticate the user to the control point to perform 
the action using the control point, communication portion is temporarily coupled to said device. 
The user device is a mobile wireless client device (Abstract, Fig. 1), which meets the limitation 
of a user interface portion, coupled to said communication portion, to indicate a result a result of 
said authentication of the control point to a user, wherein the device is a mobile communication 
device, user interface portion comprises a display device. Geiger discloses that mobile wireless 
communication devices are issued to the users (Col. 7, lines 4-5), which meets the limitation of a 
token issuer issuing said token to said user, and wherein said authenticating the control point 
occurs on-Une between said token and said token issuer. 

Referring to claim 26, Geiger discloses that the mobile wireless communication device 
communicates with the issuer via a wireless communication path (Col. 10, hne 38 - Col. 11, line 
10), which meets the limitation of mobile communication device communicates with said token 
issuer using a wireless communication path. 

Referring to claim 27, Geiger discloses that the transactions are electronic commerce 
transactions (Col. 1, lines 6-11), which meets the limitation of a financial transaction. 

Referring to claim 28, Geiger discloses that the action is user access of software, service 
or other content item (Abstract), which meets the limitation of action comprising access control. 



Application/Control Number: 09/648,449 Page 9 

Art Unit: 2132 

Referring to claim 31, Geiger discloses that the client device contains a SIM card that contains 
user and device information (Col. 1 1, line 64 - Col. 12, line 8), which meets the limitation of a 
card that connects with said communication portion, said card containing information regarding 
one of said device and said user. 

Conclusion 

15. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

16. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E. Lanier whose telephone number is 571-272-3805. 
The examiner can normally be reached on M-ThO 7;30am-5 :00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





Benjamin E. Lanier 
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